Table of Contents

Introduction

Part I: Enterprise Security

Chapter 1 Cryptographic Concepts and Techniques

Cryptographic Techniques

Key Stretching

Hashing

MD2/MD4/MD5/MD6

SHA/SHA-2/SHA-3

HAVAL

RIPEMD-160

Code Signing

Message Authentication Code

Pseudo-Random Number Generation

Perfect Forward Secrecy

Transport Encryption

SSL/TLS

HTTP/HTTPS/SHTTP

SET and 3-D Secure

IPsec

Data at Rest Encryption

Symmetric Algorithms

Asymmetric Algorithms

Hybrid Ciphers

Digital Signatures

Cryptographic Concepts

Entropy

Diffusion

Confusion

Non-repudiation

Confidentiality

Integrity

Chain of Trust/Root of Trust

Cryptographic Applications and Proper/Improper Implementations

Advanced PKI Concepts

Wildcard

OCSP Versus CRL

Issuance to Entities

Users

Systems

Applications

Key Escrow

Steganography

Implications of Cryptographic Methods and Design

Stream Ciphers

Block Ciphers

Modes

Known Flaws/Weaknesses

Strength Versus Performance Versus Feasibility to Implement Versus Interoperability

Cryptographic Implementations

Digital Rights Management (DRM)

Watermarking

GNU Privacy Guard (GPG)

Secure Sockets Layer (SSL)

Secure Shell (SSH)

Secure Multipurpose Internet Mail Extensions (S/MIME)

Review All Key Topics

Complete the Tables and Lists from Memory

Define Key Terms

Chapter 2 Enterprise Storage

Storage Types

Virtual Storage

Cloud Storage

Data Warehousing

Data Archiving

SANs

NAS

VSANs

Storage Protocols

iSCSI

FCoE

NFS and CIFS

Secure Storage Management

Multipathing

Snapshots

Deduplication

Dynamic Disk Pools

LUN Masking/Mapping

HBA Allocation

Offsite or Multisite Replication

Encryption

Disk-Level Encryption

Block-Level Encryption

File-Level Encryption

Record-Level Encryption

Port-Level Encryption

Review All Key Topics

Define Key Terms

Chapter 3 Network and Security Components, Concepts, and Architectures

Advanced Network Design (Wired/Wireless)

Remote Access

VPNs

SSH

RDP

VNC

SSL

IPv6 and Associated Transitional Technologies

Transport Encryption

FTP, FTPS, and SFTP

HTTP, HTTPS, and SHTTP

Network Authentication Methods

Authentication Factors

802.1x

Mesh Networks

Application of Solutions

Security Devices

UTM

NIPS

NIDS

INE

SIEM

HSM

Placement of Devices

UTM

NIDS

INE

NIPS

SIEM

HSM

Application- and Protocol-Aware Technologies

WAF

NextGen Firewalls

IPS

Passive Vulnerability Scanners

Active Vulnerability Scanners

DAM

Networking Devices

Switches

ARP Poisoning

VLANs

Firewalls

Types

Firewall Architecture

Wireless Controllers

Routers

Proxies

Ports

Virtual Networking and Security Components

Virtual Switches

Virtual Firewalls

Virtual Wireless Controllers

Virtual Routers

Virtual Proxy Servers

Virtual Computing

Complex Network Security Solutions for Data Flow

SSL Inspection

Network Flow Data

Secure Configuration and Baselining of Networking and Security Components

ACLs

Creating Rule Sets

Change Monitoring

Configuration Lockdown

Availability Controls

Software-Defined Networking

Cloud-Managed Networks

Network Management and Monitoring Tools

Advanced Configuration of Routers, Switches, and Other Network Devices

Transport Security

Trunking Security

Route Protection

Security Zones

Data-Flow Enforcement

DMZ

Separation of Critical Assets

Network Access Control

Quarantine/Remediation

Operational and Consumer Network-Enabled Devices

Building Automation Systems

IP Video

HVAC Controllers

Sensors

Physical Access Control Systems

A/V Systems

Scientific/Industrial Equipment

Critical Infrastructure/Supervisory Control and Data Acquisition (SCADA)/Industrial Control Systems (ICS)

Review All Key Topics

Define Key Terms

Chapter 4 Security Controls for Hosts

Trusted OS

Endpoint Security Software

Antimalware

Antivirus

Antispyware

Spam Filters

Patch Management

IPS/IDS

Data Loss Prevention

Host-Based Firewalls

Log Monitoring

Host Hardening

Standard Operating Environment/Configuration Baselining

Application Whitelisting and Blacklisting

Security/Group Policy Implementation

Command Shell Restrictions

Patch Management

Configuring Dedicated Interfaces

Out-of-Band NICs

ACLs

Management Interface

Data Interface

Peripheral Restrictions

USB

Bluetooth

FireWire

Full Disk Encryption

Security Advantages and Disadvantages of Virtualizing Servers

Type I Hypervisor

Type II Hypervisor

Container-Based Virtualization

Cloud-Augmented Security Services

Hash Matching

Antivirus

Antispam

Vulnerability Scanning

Sandboxing

Content Filtering

Boot Loader Protections

Secure Boot

Measured Launch

Integrity Measurement Architecture (IMA)

BIOS/UEFI

Vulnerabilities Associated with Commingling of Hosts with Different Security Requirements

VM Escape

Privilege Elevation

Live VM Migration

Data Remnants

Virtual Desktop Infrastructure (VDI)

Terminal Services/Application Delivery Services

Trusted Platform Module (TPM)

Virtual TPM (VTPM)

Hardware Security Module (HSM)

Review All Key Topics

Define Key Terms

Chapter 5 Application Vulnerabilities and Security Controls

Web Application Security Design Considerations

Secure by Design, by Default, by Deployment

Specific Application Issues

Insecure Direct Object References

XSS

Cross-Site Request Forgery (CSRF)

Click-Jacking

Session Management

Input Validation

SQL Injection

Identifying a SQL Attack

Improper Error and Exception Handling

Privilege Escalation

Improper Storage of Sensitive Data

Fuzzing/Fault Injection

Secure Cookie Storage and Transmission

Buffer Overflow

Memory Leaks

Integer Overflows

Race Conditions

Time of Check/Time of Use

Resource Exhaustion

Geotagging

Data Remnants

Application Sandboxing

Application Security Frameworks

Standard Libraries

Industry-Accepted Approaches

WASC

OWASP

BSI

ISO/IEC 27000

Web Services Security (WS-Security)

Secure Coding Standards

Software Development Methods

Build and Fix

Waterfall

V-Shaped

Prototyping

Incremental

Spiral

Rapid Application Development (RAD)

Agile

JAD

Cleanroom

Database Activity Monitoring (DAM)

Web Application Firewalls (WAF)

Client-Side Processing Versus Server-Side Processing

JSON/REST

Browser Extensions

ActiveX

Java Applets

Flash

HTML5

AJAX

SOAP

State Management

JavaScript

Review All Key Topics

Define Key Terms

Part II: Risk Management and Incident Response

Chapter 6 Business Influences and Associated Security Risks

Risk Management of New Products, New Technologies, and User Behaviors

New or Changing Business Models/Strategies

Partnerships

Outsourcing

Cloud Computing

Merger and Demerger/Divestiture

Security Concerns of Integrating Diverse Industries

Rules

Policies

Regulations

Geography

Ensuring That Third-Party Providers Have Requisite Levels of Information Security

Internal and External Influences

Competitors

Auditors/Audit Findings

Regulatory Entities

Onsite Assessment

Document Exchange/Review

Process/Policy Review

Internal and External Client Requirements

Top-Level Management

Impact of De-perimeterization

Telecommuting

Cloud

BYOD (“Bring Your Own Device”)

Outsourcing

Review All Key Topics

Define Key Terms

Chapter 7 Risk Mitigation Planning, Strategies, and Controls

Classify Information Types into Levels of CIA Based on Organization/Industry

Information Classification and Life Cycle

Commercial Business Classifications

Military and Government Classifications

Information Life Cycle

Incorporate Stakeholder Input into CIA Decisions

Implement Technical Controls Based on CIA Requirements and Policies of the Organization

Access Control Categories

Compensative

Corrective

Detective

Deterrent

Directive

Preventive

Recovery

Access Control Types

Administrative (Management) Controls

Logical (Technical) Controls

Physical Controls

Security Requirements Traceability Matrix (SRTM)

Determine the Aggregate CIA Score

Extreme Scenario/Worst-Case Scenario Planning

Determine Minimum Required Security Controls Based on Aggregate Score

Conduct System-Specific Risk Analysis

Make Risk Determination

Qualitative Risk Analysis

Quantitative Risk Analysis

Magnitude of Impact

SLE

ALE

Likelihood of Threat

Motivation

Source

ARO

Trend Analysis

Return on Investment (ROI)

Payback

Net Present Value (NPV)

Total Cost of Ownership

Recommend Which Strategy Should Be Applied Based on Risk Appetite

Avoid

Transfer

Mitigate

Accept

Risk Management Processes

Information and Asset (Tangible/Intangible) Value and Costs

Vulnerabilities and Threats Identification

Exemptions

Deterrence

Inherent

Residual

Enterprise Security Architecture Frameworks

Sherwood Applied Business Security Architecture (SABSA)

Control Objectives for Information and Related Technology (CobiT)

NIST SP 800-53

Continuous Improvement/Monitoring

Business Continuity Planning

Business Continuity Scope and Plan

Personnel Components

Project Scope

Business Continuity Steps

IT Governance

Policies

Organizational Security Policy

System-Specific Security Policy

Issue-Specific Security Policy

Policy Categories

Standards

Baselines

Guidelines

Procedures

Review All Key Topics

Complete the Tables and Lists from Memory

Define Key Terms

Chapter 8 Security, Privacy Policies, and Procedures

Policy Development and Updates in Light of New Business, Technology, Risks, and Environment Changes

ISO/IEC 27000 Series

Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes

Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities

Sarbanes-Oxley (SOX) Act

Health Insurance Portability and Accountability Act (HIPAA)

Gramm-Leach-Bliley Act (GLBA) of 1999

Computer Fraud and Abuse Act (CFAA)

Federal Privacy Act of 1974

Computer Security Act of 1987

Personal Information Protection and Electronic Documents Act (PIPEDA)

Basel II

Payment Card Industry Data Security Standard (PCI DSS)

Federal Information Security Management Act (FISMA) of 2002

Economic Espionage Act of 1996

USA PATRIOT Act

Health Care and Education Reconciliation Act of 2010

Use Common Business Documents to Support Security

Risk Assessment (RA)/Statement of Applicability (SOA)

Business Impact Analysis (BIA)

Business Impact Analysis (BIA) Development

Interoperability Agreement (IA)

Interconnection Security Agreement (ISA)

Memorandum of Understanding (MOU)

Service-Level Agreement (SLA)

Operating-Level Agreement (OLA)

Nondisclosure Agreement (NDA)

Business Partnership Agreement (BPA)

Use General Privacy Principles for Sensitive Information (PII)

Support the Development of Various Policies

Separation of Duties

Job Rotation

Mandatory Vacation

Least Privilege

Incident Response

Event Versus Incident

Incident Response Team and Incident Investigations

Rules of Engagement, Authorization, and Scope

Forensic Tasks

Employment and Termination Procedures

Continuous Monitoring

Training and Awareness for Users

Auditing Requirements and Frequency

Review All Key Topics

Define Key Terms

Chapter 9 Incident Response and Recovery Procedures

E-Discovery

Electronic Inventory and Asset Control

Data Retention Policies

Data Recovery and Storage

Data Backup Types and Schemes

Electronic Backup

Data Ownership

Data Handling

Legal Holds

Data Breach

Detection and Collection

Data Analytics

Mitigation

Minimize

Isolate

Recovery/Reconstitution

Response

Disclosure

Design Systems to Facilitate Incident Response

Internal and External Violations

Privacy Policy Violations

Criminal Actions

Insider Threat

Non-Malicious Threats/Misconfigurations

Establish and Review System, Audit and Security Logs

Incident and Emergency Response

Chain of Custody

Evidence

Surveillance, Search, and Seizure

Forensic Analysis of Compromised System

Media Analysis

Software Analysis

Network Analysis

Hardware/Embedded Device Analysis

Continuity of Operations Plan (COOP)

Order of Volatility

Review All Key Topics

Define Key Terms

Part III: Research, Analysis, and Assessment

Chapter 10 Industry Trends

Perform Ongoing Research

Best Practices

New Technologies

New Security Systems and Services

Technology Evolution

Situational Awareness

Latest Client-Side Attacks

Knowledge of Current Vulnerabilities and Threats

Vulnerability Management Systems

Advanced Persistent Threats

Zero-Day Mitigating Controls and Remediation

Emergent Threats and Issues

Research Security Implications of New Business Tools

Social Media/Networking

End-User Cloud Storage

Integration Within the Business

Global IA Industry/Community

Computer Emergency Response Team (CERT)

Conventions/Conferences

Threat Actors

Emerging Threat Sources/Threat Intelligence

Research Security Requirements for Contracts

Request for Proposal (RFP)

Request for Quote (RFQ)

Request for Information (RFI)

Agreements

Review All Key Topics

Define Key Terms

Chapter 11 Securing the Enterprise

Create Benchmarks and Compare to Baselines

Prototype and Test Multiple Solutions

Cost/Benefit Analysis

ROI

TCO

Metrics Collection and Analysis

Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs

Review Effectiveness of Existing Security Controls

Reverse Engineer/Deconstruct Existing Solutions

Analyze Security Solution Attributes to Ensure They Meet Business Needs

Performance

Latency

Scalability

Capability

Usability

Maintainability

Availability

Recoverability

Conduct a Lessons-Learned/After-Action Report

Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution

Review All Key Topics

Define Key Terms

Chapter 12 Assessment Tools and Methods

Assessment Tool Types

Port Scanners

Vulnerability Scanners

Protocol Analyzer

Network Enumerator

Password Cracker

Fuzzer

HTTP Interceptor

Exploitation Tools/Frameworks

Passive Reconnaissance and Intelligence-Gathering Tools

Social Media

Whois

Routing Tables

Assessment Methods

Vulnerability Assessment

Malware Sandboxing

Memory Dumping, Runtime Debugging

Penetration Testing

Black Box

White Box

Gray Box

Reconnaissance

Fingerprinting

Code Review

Social Engineering

Phishing/Pharming

Shoulder Surfing

Identity Theft

Dumpster Diving

Review All Key Topics

Define Key Terms

Part IV: Integration of Computing, Communications, and Business Disciplines

Chapter 13 Business Unit Collaboration

Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines

Sales Staff

Programmer

Database Administrator

Network Administrator

Management/Executive Management

Financial

Human Resources

Emergency Response Team

Facilities Manager

Physical Security Manager

Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls

Establish Effective Collaboration within Teams to Implement Secure Solutions

IT Governance

Review All Key Topics

Define Key Terms

Chapter 14 Secure Communication and Collaboration

Security of Unified Collaboration Tools

Web Conferencing

Video Conferencing

Instant Messaging

Desktop Sharing

Remote Assistance

Presence

Email

IMAP

POP

SMTP

Email Spoofing

Spear Phishing

Whaling

Spam

Captured Messages

Disclosure of Information

Malware

Telephony

VoIP

Collaboration Sites

Social Media

Cloud-Based Collaboration

Remote Access

Dial-up

VPN

SSL

Remote Administration

Mobile Device Management

BYOD

Over-the-Air Technologies Concerns

FHSS, DSSS, OFDM, FDMA, CDMA, OFDMA, and GSM

802.11 Techniques

Cellular or Mobile Wireless Techniques

WLAN Structure

Access Point

SSID

Infrastructure Mode Versus Ad Hoc Mode

WLAN Standards

802.11a

802.11b

802.11g

802.11n

802.11ac

Bluetooth

Infrared

WLAN Security

WEP

WPA

WPA2

Personal Versus Enterprise WPA

SSID Broadcast

MAC Filter

Satellites

Wireless Attacks

Wardriving

Warchalking

Rogue Access Points

Review All Key Topics

Define Key Terms

Chapter 15 Security Across the Technology Life Cycle

End-to-End Solution Ownership

Operational Activities

Maintenance

Commissioning/Decommissioning

Asset Disposal

Asset/Object Reuse

General Change Management

Systems Development Life Cycle (SDLC)

Security System Development Life Cycle (SSDLC)/Security Development Life Cycle (SDL)

Security Requirements Traceability Matrix (SRTM)

Validation and Acceptance Testing

Security Implications of Agile, Waterfall, and Spiral Software Development Methodologies

Agile Software Development

The Waterfall Model

The Spiral Model

Adapt Solutions to Address Emerging Threats and Security Trends

Asset Management (Inventory Control)

Device-Tracking Technologies

Geolocation/GPS Location

Object Tracking and Containment Technologies

Geotagging/Geofencing

RFID

Review All Key Topics

Define Key Terms

Part V: Technical Integration of Enterprise Components

Chapter 16 Host, Storage, Network, and Application Integration into a Secure Enterprise Architecture

Secure Data Flows to Meet Changing Business Needs

Standards

Open Standards

Adherence to Standards

Competing Standards

Lack of Standards

De Facto Standards

Interoperability Issues

Legacy Systems/Current Systems

Application Requirements

In-House Developed Versus Commercial Versus Commercial Customized Applications

Technical Deployment Models

Cloud and Virtualization Considerations and Hosting Options

Public Cloud

Private Cloud

Hybrid Cloud

Community Cloud

Multi-Tenancy Model

Single-Tenancy Model

Vulnerabilities Associated with a Single Physical Server Hosting Multiple Companies’ Virtual Machines

Vulnerabilities Associated with a Single Platform Hosting Multiple Companies’ Virtual Machines

Secure Use of On-demand/Elastic Cloud Computing

Data Remnants

Data Aggregation

Data Isolation

Resource Provisioning and Deprovisioning

Users

Servers

Virtual Devices

Applications

Securing Virtual Environments, Services, Applications, Appliances, and Equipment

Design Considerations During Mergers, Acquisitions, and Demergers/Divestitures

Network Secure Segmentation and Delegation

Logical and Physical Deployment Diagrams of Relevant Devices

Secure Infrastructure Design

DMZs

VLANs

VPNs

Wireless Networks

Storage Integration (Security Considerations)

Enterprise Application Integration Enablers

CRM

ERP

GRC

ESB

SOA

Directory Services

DNS

CMDB

CMS

Review All Key Topics

Define Key Terms

Chapter 17 Authentication and Authorization Technologies

Authentication

Identity and Account Management

Password Types and Management

Characteristic Factors

Physiological Characteristics

Behavioral Characteristics

Biometric Considerations

Dual-Factor and Multi-Factor Authentication

Certificate-Based Authentication

Single Sign-On

Authorization

Access Control Models

Discretionary Access Control

Mandatory Access Control

Role-Based Access Control

Rule-Based Access Control

Content-Dependent Versus Context-Dependent Access Control

Access Control Matrix

ACLs

Access Control Policies

Default to No Access

OAUTH

XACML

SPML

Attestation

Identity Propagation

Federation

SAML

OpenID

Shibboleth

WAYF

Advanced Trust Models

RADIUS Configurations

LDAP

Active Directory (AD)

Review All Key Topics

Define Key Terms

Part VI: Appendixes

Appendix A Answers

Appendix B CASP CAS-002 Exam Updates

Always Get the Latest at the Companion Website

Technical Content

Glossary

Index

CD-only Elements:

Appendix C Memory Tables

Appendix D Memory Tables Answer Key
